...if the phrase "privacy policy" makes you want to go back to sleep: stop, drop, roll, and read this email below.

Hi. I'm Jon Fedor and this is InCyber Regular, edition 28.

InCyber exists to help people secure their digital gemstones and belongings. We go hard in the paint on personal digital security and also talk security topics for small to medium businesses.

Today:

1. Goals for 2022
2. Update on new idea
3. Privacy policies (from ProtonMail)
4. TryHackMe
5. Password standup

Goals

(Skateboarding or scoring goals?)

Our mission is to help you stop exposing yourself on the internet; to make your digital presence more secure than it was yesterday.

How do we measure this?

Here's where we're going in 2022:

1. Inspire and assist five people to start using password managers
2. Launch self-service tutorial for getting started with password management
3. Bring in a guest contributor / collaborator once a month

It's shaping up to be a packed year and I'm more excited about it than a bear river fishing for salmon.

Here's an update on Goal One:

Self-service tutorial

I'd like to make a tool that could be used anytime, anywhere to help people get started with a password manager.

Right now I'm thinking it would aimed specifically at first-time password manager users with low computing knowledge.

In other words: I'd like to make something that doesn't skip steps and doesn't take anything for granted.

End of January and through February is a *crazy* time for our family. I'll be working to get started on this tutorial slowly and incrementally. Next update will likely be two weeks from now.

You'll get first-looks at progress as we go!

Get ready to give me your loudest, most unvarnished opinions.

Privacy policies and taking back control

I've been using ProtonMail for years to send secure, encrypted email.

I love the product. I love the company. I love that the company is based in Switzerland; the land synonymous with banks, secret gold, and skiing (oh, and security).

I also recently discovered that they've been publishing quite a lot of security-related content with an aim to educate. Brilliant!

Earlier this month they published this excellent piece on reading and synthesizing privacy policies.

They cover two important areas in this piece:

1. What to look for in a privacy policy and
2. How to look for those things in the policy

What to Look For

The ProtonMail team recommends keeping a keen eye out for questions like:

1. What personal data does the service provider collect and how?
2. How is my data secured? And what are my rights related to my data?
3. With whom will they share my data and how long do they retain it?

Etc.

The kicker of this piece though is the second critical area.

How to Look For Them

The author lays out a short list of *critical* keywords and phrases that you can simply paste into CTRL+F on the page of a service's privacy policy and get some quick answers

The whole list is here in the article (towards the bottom) and well worth your time to digest. I mean, it's not a steak but it's still very good.

TryHackMe

I've been on an absolute tear with TryHackMe. In fact I'm running a 15-day streak on progress with the platform and just leveled up into the top 12% of the ~1M security folks on the platform.

How does that help you?

...well, I guess it doesn't really.

Apart from giving a ripping positive endorsement for the site.

It's a rich source for gamified learning and will teach you security concepts starting at the most basic level (like, how a website works, what's a server, Windows and linux fundamentals, etc).

Here's an example of concepts covered by one of the entry-level learning paths:

Let me know if you end up trying it out!

Password standup

Someone actually put together a tight four minutes on password creation and use. And it's pretty funny!

The guy's name is Michael Mcintyre and the first 3:45 minutes of this video contain the bit.

It does have swears so heads up.

Here's the link to the video.

Thanks!

Since last week we've welcomed some new faces to this community. Great to have you here; hope you stay along for the ride.

Let's keep building this InCyber community! I'd be glad to hear your ideas.

Have a good'un, Good Lookin'.

~ Jon "Privacy Schmivacy" Fedor